Penetration Testing mailing list archives
RE: Tool to find hidden web proxy server
From: Christopher Adickes <christopher_adickes () SHI com>
Date: Fri, 3 Sep 2004 08:37:44 -0400
How many machines do you have on your network? Would it be manageable to do a port scan of your hosts and look for suspicious or non-standard ports. This would only work on a small number of machines because sifting through the port scan data might be a pain. Good luck tracking this sneaky person down! -----Original Message----- From: Gary E. Miller [mailto:gem () rellim com] Sent: Thursday, September 02, 2004 4:40 PM To: Burnett, Robert Cc: Pen Subject: RE: Tool to find hidden web proxy server -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yo Robert! On Thu, 2 Sep 2004, Burnett, Robert wrote:
If you span a port on your internal switch (assuming you have an interna l switch) and sniff all traffic traveling through it, you could ngrep fo r HTTP CONNECT requests. This would detect connections to the proxy ser vers.
Unless: 1. The proxy traffic is using trivial encryption, like https, ssh, openvpn, socks/ssl, etc. Then all you will sniff is gibberish. 2. The proxy traffic is going around your firewall using POTS, Cell Phone, CPDP, Wi-Fi, etc. RGDS GARY - --------------------------------------------------------------------------- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 gem () rellim com Tel:+1(541)382-8588 Fax: +1(541)382-8676 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFBN4Ud8KZibdeR3qURAly9AKCf+hQnLH0L7FTFQ6kRETMueKBeVgCg3WBg NKQm/JzyumQezSdSFlLZt8Q= =lho6 -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- -- Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- RE: Tool to find hidden web proxy server, (continued)
- RE: Tool to find hidden web proxy server Burnett, Robert (Sep 02)
- RE: Tool to find hidden web proxy server Gary E. Miller (Sep 02)
- RE: Tool to find hidden web proxy server Scovetta, Michael V (Sep 02)
- RE: Tool to find hidden web proxy server Jose Maria Lopez (Sep 03)
- RE: Tool to find hidden web proxy server Singh, Yashpal (Sep 03)
- RE: Tool to find hidden web proxy server Jose Maria Lopez (Sep 07)
- RE: Tool to find hidden web proxy server okrehel (Sep 08)
- RE: Tool to find hidden web proxy server Jose Maria Lopez (Sep 08)
- RE: Tool to find hidden web proxy server Jose Maria Lopez (Sep 07)
- RE: Tool to find hidden web proxy server Burnett, Robert (Sep 02)
- RE: Tool to find hidden web proxy server caleb . dods (Sep 03)
- RE: Tool to find hidden web proxy server caleb . dods (Sep 03)
- RE: Tool to find hidden web proxy server Christopher Adickes (Sep 04)
- RE: Tool to find hidden web proxy server BĂ©noni MARTIN (Sep 04)
- Rogue activity methodology (was: Tool to find hidden web proxy server) Chris Brenton (Sep 07)
- Re: Rogue activity methodology (was: Tool to find hidden web proxy server) Shashank Rai (Sep 08)
- Re: Rogue activity methodology (was: Tool to find hidden web proxy server) Chris Brenton (Sep 08)
- Re: Rogue activity methodology (was: Tool to find hidden web proxyserver) Dejan Markovic (Sep 09)
- Rogue activity methodology (was: Tool to find hidden web proxy server) Chris Brenton (Sep 07)